Millions of computers have Gigabyte motherboards with a hidden firmware code, which could be exploited to facilitate malware deployment, reports Wired.
More than 270 Gigabyte motherboard models are impacted by the hidden firmware updater mechanism, according to a report by Eclypsium researchers, who discovered that the mechanism had similar behavior as state-backed spyware tools.
"If you have one of these machines, you have to worry about the fact that its basically grabbing something from the internet and running it without you being involved, and hasn't done any of this securely. The concept of going underneath the end user and taking over their machine doesn't sit well with most people," said Eclypsium Head of Strategy and Research John Loucaides.
Gigabyte has already been working on a fix for the issue but Crash Override Chief Security Officer Rich Smith expressed concern for a potentially significant supply-chain attack resulting from the issue.
"You can use techniques that have traditionally been used by malicious actors, but that wasnt acceptable, it crossed the line," Smith added.
BleepingComputer reports that several U.S. financial institutions and numerous cryptocurrency apps are having their users mostly targeted by an expanded Xenomorph malware campaign leveraging an updated version of the Android banking trojan that also set sights on users in Canada, Italy, Spain, Belgium, and Portugal.